Skip site navigation (1) Skip section navigation (2)

md5 hashing of user passwords

From: "G(dot) J(dot) Walsh" <gjwalsh(at)dscdirectionalservices(dot)com>
To: pgsql-novice(at)postgresql(dot)org
Subject: md5 hashing of user passwords
Date: 2008-03-25 01:43:00
Message-ID: 1206409380.14992.12.camel@www.dscdirectionalservices.com (view raw or flat)
Thread:
Lists: pgsql-novice
At registration, a user's password is encrypted by php's md5 and stored
in a client login table.

On login, the client's password as provided in a login form, is run
through md5 hashing and submitted to the server for authentication.
Pretty standard stuff!

BUT authentication always fails.

To get a grip on this, I set up a record with a specific password. For
some reason I cannot understand, the md5 hash written into postgresql
does not correspond with the echoing back of the hash at login attempts.

In both instances, the hashing is consistent.

The login is performed under ssl. Changing it to run under http makes no
difference - the hashing remains the same.

The data base provides a character varying(32) column for the hashed
password.

Can someone help me out of this morass???

Much appreciated!

Responses

pgsql-novice by date

Next:From: Bruce MomjianDate: 2008-03-25 01:46:41
Subject: Re: md5 hashing of user passwords
Previous:From: Tom LaneDate: 2008-03-21 15:10:51
Subject: Re: About db session time-out while uploading data to database

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group